Exchange 2010 Offline Address Book Will Not Download

After migrating from Exchange 2007 to Exchange 2010, workstations running Outlook in cacheded mode were not getting latest version of the GAL. When manually trying to download offline address book within Outlook, it would just hang. From the EMC, I checked the name of the OAB (Org, Mailbox, Offline Address Book (tab)), and noticed it wasn’t named the default ‘Default Offline Address List’. In this case it was called ‘KTS Offline Address List’. Shame on us for trying to personalize… ha!

Anywho, renamed OAB to ‘Default Offline Address List’, did a right-click + update on the OAB… and then tried manually downloading the OAB from Outlook again and this time it took about 10 seconds. Outlook GAL was now up-to-date and even a post in my event log (app) ‘OAB Download Succeeded’.

How to install Exchange Server 2007 SP2 on SBS 2008

There is an issue with installing SP2 for Exchange 2007 on SBS 2008, Microsoft has released a tool to get passed the errors – link. You need to download and extract Exchange 2007 SP2 – link, run the install tool. It will ask for the directory of SP2, and then you install SP2 normally.

Here are more details of the issue on


Have Exchange Server send auto reply messages – Outlook

A client wanted to setup a rule to send an automatic reply to an email address that wasn’t being used any longer. The solution was to create an Outlook rule (server-side) that would reply to the message using a specific message and forward the message to another recipient. First create a new user and email address that you want to autoreply.


Create a rule to have Exchange Server send an automatic reply

  1. On the Tools menu, click Rules Wizard.
  2. In the Apply changes to this folder list, click the Inbox you want to create the rule for.
  3. Click New.
  4. Click Start from a blank rule.
  5. Click Check messages when they arrive, and then click Next.
  6. In the Which condition(s) do you want to check list, select the From people or distribution list check box.
  7. In the Rule description list, click the underlined phrase, people or distribution list.
  8. In the Type name or select from list box, type the name of each person you want to receive the custom reply, and click From after you type each name.
  9. Click OK, and then click Next.
  10. In the What do you want to do with the message list, select the Have server reply using a specific message check box.
  11. In the Rule description list, click the underlined phrase, a specific message.
  12. In the subject line and message body, type whatever information you’d like to appear in your custom reply.
  13. Click Close, and when prompted to save changes, click Yes.
  14. Click Next, and select the check box next to any exception that you want.
  15. Click Next, and in the Please specify a name for this rule box, type a name for the rule.
  16. Click Finish, and then click OK.

By default, Exchange won’t send automatic replies, here is how to do it.

Exchange 2007

  1. Open Exchange Management Console
  2. Expand Organization Configuration-> Hub Transport
  3. In the right pane select the Remote Domains tab
  4. Right click Default and choose Properties
  5. On the General tab you can set which type of Out of Office Messages you will allow
    On the tab named “Format of original message sent as attachment to journal report:” you can enable or disable the automatic replying/forwarding

We also went on the old mailbox (that we are autoreplying from) and modified the deliver options (mail flow settings tab) to forward email to another mailbox. This will let send reply emails only to the old email address with the custom autoreply, but anyone who sends to the new email address won’t be bothered by the autoreply. You can also hide the mailbox so it doesn’t show up in the GAL too.

Link to other versions of Exchange too

Install Windows 7/Vista from USB flash drive

Here is a great article on how to install Windows 7 or Vista from a USB flash drive. It actually works as described.

Windows Small Business Server – TS Gateway Authentication issue

We recently implemented a new SBS 2008 server for one of our clients.  A user was going to be working from home and wanted to utilize thier corporate office desktop to get some tasks done.  They were able to authenticate to the Remote Web Workplace webpage successfully,  but were unable to connect to their Windows 7 desktop computer.  Every time they attempted to do so, their account was rejected with an error message: “The logon attempt failed”

I discovered the problem was due to an incorrect setting within IIS.

Here’s what I did to correct the problem:
I went to IIS Manager → Sites → SBS Web Applications → Rpc → Authentication.  There I found only “Basic Authentication” was enabled.

Enabled “Windows Authentication” then ran an IIS reset. When IIS came back online, I was able to connect via TS Gateway to the server and at least one workstation. I connected and disconnected multiple times and it had no problems. The end user verified they were also able to authenticate without error, and gained remote control of their Windows 7 computer.

Move WSUS SQL database to another location

When running WSUS on a Small Business Server, the default location is the C: drive, when that drive gets full you need to move the content and the SQL database. Below are the steps to move the SQL database to another location.

1. Open command prompt and type: net stop “update services”

2. Next, at the command promt type: net stop w3svc (if it is SBS 2008 it will also stop the Terminal Services Gateway, remember to restart)

3. Open Microsoft SQL Express Management Studio (if you don’t have this, go to to download) and connect to the MICROSOFT##SSEE database, which is the WSUS database and the SharePoint databases in SBS 2008. You can’t just connect to the database normally, you need to type this in server name area:   \.pipeMSSQL$MICROSOFT##SSEEsqlquery


 4. Detach the SUSDB database, move the SUSDB folder to the new location and attach the database again with Management Studio

5. Restart the services: “update services”, “w3svc”, and “Terminal Services Gateway”



Disable SSL v2.0 in IIS

While going through a vulnerability scan for PCI compliancy, the report noted that IIS 7 on a Small Business Server 2008 was still using SSL v2.0 instead of SSL 3.0 or TLS 1.0. To disable SSL v2.0:

  1. Click Start, click Run, type regedt32 or type regedit, and then click OK.
  2. In Registry Editor, locate the following registry key:HKey_Local_MachineSystemCurrentControlSetControlSecurityProvidersSCHANNELProtocolsSSL 2.0Server
  3. On the Edit menu, click Add Value.
  4. In the Data Type list, click DWORD.
  5. In the Value Name box, type Enabled, and then click OK.Note If this value is present, double-click the value to edit its current value.
  6. Type 00000000 in Binary Editor to set the value of the new key equal to “0”.
  7. Click OK. Restart the computer.

IIS negotiates the encryption with the client browser. An attacker could use a tool that tells the server it has only sslv2 (which is weaker) available. If you disable sslv2 it only uses v3 or tls, as requested by browser. A browser only supporting sslv2 would fail.

 This applies to Windows Server 2003, and Windows Server 2008, and both versions of SBS.;en-us;187498

Change default behavior for unidentified network in Vista/Windows Server 2008/Windows 7

I ran into an issue with a Hyper-V server with 6 NIC’s, some of the NIC’s in Network and Sharing center were being categorized as ‘unidentified network’ and giving the public designation. I could change it to private, but every reboot it would revert back. The issue with public network was that network discovery and file sharing was turned off, so even the NIC that was joined to the domain had little connectivity. Below fixed the issue.

You can change the security setting so that the network is not made public in the first place.

To do this on your local server or Vista/Windows 7 desktop , follow these steps:

1. Start –> run –> MMC –> press enter

2. In MMC console , from menu file select Add/Remove Snap-in

3. Select Group Policy Object editor –> Press Add –> select Local computer –> press OK –>press OK

4. Open Computer configration –>Windows Settings –>Security Settings –>select Network list manager policies
on the right Side you will see options for :

double click –>Unidentified networks

  Then you can select the option to consider the Unidentified networks as private and if user can change the

Find out what Windows Updates have been installed by using command prompt

To find out what Microsoft/Windows Updates have been installed, open command prompt and type:

wmic qfe list

This will work in Windows Vista, Windows Server 2008 and Windows 7. You can also pipe it a text file if you needed to print it off or document it.

The Wild Wild Web – Kazmarek’s January Newsletter

Check out this month’s newsletter from Kazmarek Technology Solutions, Inc.

From The Wild Wild Web article by Danny Kazmarek:

According to the latest issue of SC Magazine, phishing attempts are on the rise and nearing 20,000 new scams per month.

For more useful articles, sign up for our monthly email newsletter.

Sign up for our Email Newsletter

For Email Marketing you can trust